Virus Encyclopedia

Krap.AZ

Effects

Krap.AZ allows hackers to get into and carry out dangerous actions in affected computers, such as capturing screenshots, stealing personal data, etc.

Means of transmission

Propagation through the exploits of remote vulnerabilities:

Krap.AZ carries out the following process:

It spreads by attacking IP addresses obtained at random or from the network to which the infected computer belongs.

It tries to access the IP addresses under attack by exploiting an existing vulnerability or through an open port.

If it does this, it downloads a copy of itself onto the vulnerable computer.

Propagation via email:

Krap.AZ carries out the following process:

It arrives in an email message with an attachment. The message tries to trick users into thinking that the attachment is an interesting application, images, etc.

When the user runs the attachment, the computer is infected.

Krap.AZ sends itself to a set of contacts, which it obtains through the address books of programs such as Outlook or MSN Messenger, or searching for email addresses in files with specific extensions (WAB, HTM, HTML, TXT, etc).

Propagation through P2P programs:

Krap.AZ carries out the following process:

It makes copies of itself in shared folders belonging to these programs.

Other users of these programs can remotely access these shared folders. So, they voluntarily download onto their computer files created by Krap.AZ in the belief that they are useful or interesting applications, movies, images, etc. In fact, they are downloading copies of Krap.AZ onto their computers.

When they run the downloaded file, these computers will be affected by Krap.AZ.

Propagation via IRC:

Krap.AZ carries out the following process:

It waits until the user connects to an IRC chat channel.

It sends a copy of itself to all users connected to the channel at that moment.